The problem is that we're calculating the timezone relative to 01/01/2000,
but the VET timezone changed from -4 hours to -4:30 hours on 12/09/2007.
According to the spec, section 15.9.1.9 states "the time since the beginning
of the year", presumably meaning the *current* year. Change the calculation
to be based on whatever the current year is, rather than a canned date.

Change the implementation of op_throw so the stub function always modifies its
return address - if it doesn't find a 'catch' it will switch to a trampoline
to force a return from JIT execution. This saves memory, by avoiding the need
for a unique return for every op_throw.

jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw):

JITStubs::cti_op_throw now always changes its return address,
remove return code generated after the stub call (this is now
handled by ctiOpThrowNotCaught).

Make readUintX() public and static (since they will need to be once
BMPImageReader is included in *ImageDecoder via composition rather
than inheritance). Add wrappers in each class so callers can be
simpler. In the next patch, these wrappers will be beefed up slightly
and the callers will get even simpler.

Change direct setting of m_failed to use setFailed(), since in the
next patch much of this code won't even have direct access to m_failed

Add a helper function in ICOImageDecoder to determine the image type
instead of simply doing it inline

Rewrap lines that used to be <=80 cols and slipped over it during the
original landing of these decoders

Other misc. changes, e.g. adding constructor definitions, reordering
functions, changing RGBA32Buffer& to RGBA32Buffer*, etc. that have no
functional effect but minimize the subsequent diff for readability

​https://bugs.webkit.org/show_bug.cgi?id=26460 part one
Make isSizeAvailable non-const, since it's not logically const (it
triggers lazy decoding), and simplify all the implementations (without
changing behavior; just make less verbose). Remove some other
inappropriate consts, which enables the removal of all the mutable
declarations in the decoders.

platform/image-decoders/ImageDecoder.h:
(WebCore::ImageDecoder::isSizeAvailable):
(WebCore::ImageDecoder::setSize): Make public to avoid needing a friend declaration in the JPEG decoder, and because the ICO/BMP decoders will soon need this.

When deciding which RenderLayers should be composited, when a layer goes into
compositing mode we repaint the old location. However, we did that before
we'd looked at all the factors that may force a layer to composite, so missed
some cases. Fix by doing the repaint once we really know whether it's going
to composite.

DumpRenderTree/mac/DumpRenderTreeWindow.mm:
(-[DumpRenderTreeWindow close]): Resolved crashes seen during regression
tests. The close method can be called on a window that's already closed
so we can't assert here.

For marking I decided not to use gcProtect, because this is inside the engine
so it's easy enough to just do marking. And that darned gcProtect does locking!
Oliver tried to convince me to used MarkedArgumentBuffer, but the constructor
for that class says "FIXME: Remove all clients of this API, then remove this API."

runtime/JSONObject.cpp: Cut down the includes to the needed ones only.
(JSC::unwrapNumberOrString): Added. Helper for unwrapping number and string
objects to get their number and string values.
(JSC::ReplacerPropertyName::ReplacerPropertyName): Added. The class is used
to wrap an identifier or integer so we don't have to do any work unless we
actually call a replacer.
(JSC::ReplacerPropertyName::value): Added.
(JSC::gap): Added. Helper function for the Stringifier constructor.
(JSC::PropertyNameForFunctionCall::PropertyNameForFunctionCall): Added.
The class is used to wrap an identifier or integer so we don't have to
allocate a number or string until we actually call toJSON or a replacer.
(JSC::PropertyNameForFunctionCall::asJSValue): Added.
(JSC::Stringifier::Stringifier): Updated and moved out of the class
definition. Added code to hook this into a singly linked list for marking.
(JSC::Stringifier::~Stringifier): Remove from the singly linked list.
(JSC::Stringifier::mark): Mark all the objects in the holder stacks.
(JSC::Stringifier::stringify): Updated.
(JSC::Stringifier::appendQuotedString): Tweaked and streamlined a bit.
(JSC::Stringifier::toJSON): Renamed from toJSONValue.
(JSC::Stringifier::appendStringifiedValue): Renamed from stringify.
Added code to use the m_holderStack to do non-recursive stringify of
objects and arrays. This code also uses the timeout checker since in
pathological cases it could be slow even without calling into the
JavaScript virtual machine.
(JSC::Stringifier::willIndent): Added.
(JSC::Stringifier::indent): Added.
(JSC::Stringifier::unindent): Added.
(JSC::Stringifier::startNewLine): Added.
(JSC::Stringifier::Holder::Holder): Added.
(JSC::Stringifier::Holder::appendNextProperty): Added. This is the
function that handles the format of arrays and objects.
(JSC::JSONObject::getOwnPropertySlot): Moved this down to the bottom
of the file so the JSONObject class is not interleaved with the
Stringifier class.
(JSC::JSONObject::markStringifiers): Added. Calls mark.
(JSC::JSONProtoFuncStringify): Streamlined the code here. The code
to compute the gap string is now a separate function.

fast/js/resources/JSON-stringify.js: Changed the infinite object and
infinite array tests to instead just test something a fixed number of
levels deep. Otherwise we end up with an infinite loop in the test,
which would lead to the slow-script dialog in the production web browser.
Also raised the number from 512 to 2048 since there's no fixed limit any more.

html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::mediaPlayerSawUnsupportedTracks):
(WebCore::HTMLMediaElement::mediaPlayerRepaint):
Just move these methods to group the render-related methods together.

(WebCore::HTMLMediaElement::mediaPlayerRenderingCanBeAccelerated):
Call out method to ask the RenderLayerCompositor if presentation of this video
can be acclerated. It might say no, if, for example, the video has a reflection.

(WebCore::HTMLMediaElement::mediaPlayerGraphicsLayer):
Fetch the GraphicsLayer from the RenderVideo that will host the movie layer.

html/HTMLMediaElement.h:
Reordered the rendering-related methods, and added two methods related to video
acceleration.

platform/graphics/MediaPlayer.cpp:
(WebCore::MediaPlayer::acceleratedRenderingStateChanged):
Called by the rendering system when it determines that the video must go into, or
fall off of the hardware-accelerated path.

(WebCore::MediaPlayerClient::mediaPlayerRenderingCanBeAccelerated):
(WebCore::MediaPlayerClient::mediaPlayerGraphicsLayer):
New methods to ask the client if the rendering system can support accelerated
rendering, and to get a GraphicsLayer to plug the movie layer into.

platform/mac-leopard/fast/media/mq-transform-03-expected.txt: Copied from LayoutTests/platform/mac/fast/media/mq-transform-03-expected.txt.
Copy the old "mac" results to "mac-leopard" since 3d-rendering is disabled there.

If loading a font fails because of the sandbox, we ask the browser process to
try to load it by calling ensureFontLoaded. If it still fails after
ensureFontLoaded, we hit a ASSERT_NOT_REACHED.

This case happens once in a while during browser shutdown. The browser will
queue a message to the renderer to shutdown, and will then stop answering sync
messages from the renderer. If the renderer is still loading a page during this
time, it might try to call the browser process to ask to load a font. The
browser process will ignore the request, and the font will fail to load, even
after the second try.

This is unfortunate, but there is no real risk here, since the renderer will be
going away as soon as it processes another message.

platform/FileChooser.cpp:
(WebCore::FileChooser::chooseFiles): Suppress change event if the
existing selected files and the incoming selected files are equal.
(WebCore::FileChooser::chooseIcon): Returns 0 if there is no selected
files.

<rdar://problem/6974175> ASSERT in JITStubs.cpp at appsaccess.apple.com

Remove PropertySlot::putValue - PropertySlots should only be used for getting,
not putting. Rename JSGlobalObject::getOwnPropertySlot to hasOwnPropertyForWrite,
which is what it really was being used to ask, and remove some other getOwnPropertySlot
& getOwnPropertySlotForWrite methods, which were unused and likely to lead to confusion.

<rdar://problem/6974175> ASSERT in JITStubs.cpp at appsaccess.apple.com

JSDOMWindowCustom was using PropertySlot::putValue, however this interface
appears to be fundaementally incorrect - PropertySlots are only used to get
values, all puts use PutPropertySlot. However PutPropertySlot cannot be
used in the fashion desired here - it only reports the caching type of a
write that has been performed.

(This caused a bug where the put should have triggered a transition, and
failed to do so.)

Removing the faulty case from the optimization leads to a ~0.5% progression
on in-browser SunSpider (presumably the very first case was not being hit
often, and the simplification here is beneficial).

rendering/RenderObject.cpp:
(WebCore::RenderObject::destroy):
Removed the check for document()->frame(). If frame() is 0 in this code,
then the call to animation() is also incorrect (since it does document()->frame()->animation()).

rendering/RenderMediaControls.cpp:
(WebCore::RenderMediaControls::paintMediaControlsPart): Stop using MediaPlayer object, get button
state from the button itself and get movie state from HTMLMediaElement.

rendering/RenderThemeMac.mm:
(WebCore::RenderThemeMac::paintMediaMuteButton): Get state from button instead of MediaPlayer.
(WebCore::RenderThemeMac::paintMediaPlayButton): Ditto.

workers/WorkerScriptLoader.cpp: Renamed from workers/WorkerImportScriptsClient.cpp.
This to make it more generic so worker script loading could use it.
(WebCore::WorkerScriptLoader::loadSynchronously):
(WebCore::WorkerScriptLoader::loadAsynchronously):
(WebCore::WorkerScriptLoader::didFinishLoading):
(WebCore::WorkerScriptLoader::didFail):
(WebCore::WorkerScriptLoader::didFailRedirectCheck):
(WebCore::WorkerScriptLoader::didReceiveAuthenticationCancellation):
(WebCore::WorkerScriptLoader::notifyFinished):

workers/WorkerScriptLoader.h: Renamed from workers/WorkerImportScriptsClient.h.
This to make it more generic so worker script loading could use it.

06/15/09:

Rename PatchBuffer to LinkBuffer. Previously our terminology has been a little
mixed up, but we have decided to fix on refering to the process that takes place
at the end of code generation as 'linking', and on any modifications that take
place later (and once the code has potentially already been executed) as 'patching'.

However, the term 'PatchBuffer' is already in use, and needs to be repurposed.

To try to minimize confusion, we're going to switch the terminology over in stages,
so for now we'll refer to later modifications as 'repatching'. This means that the
new 'PatchBuffer' has been introduced with the name 'RepatchBuffer' instead.

This patch renames the old 'PatchBuffer' to 'LinkBuffer'. We'll leave ToT in this
state for a week or so to try to avoid to much overlap of the meaning of the term
'PatchBuffer', then will come back and rename 'RepatchBuffer'.

Fix for <rdar://problem/6907228> Pasting a paragraph as quotation leaves you typing in blue instead of black; repros

editing/InsertParagraphSeparatorCommand.cpp: (WebCore::InsertParagraphSeparatorCommand::doApply):
When inserting a newline after the blockquote, we don't want to apply the original style after the insertion.

This test case covered inserting a newline after a blockquote, but outside of the blockquote. I added some
text insertion to verify that the newline doesn't get any old styles copied from the blockquote.

Having moved most of their functionality into the RepatchBuffer class,
we can simplify the CodeLocation* classes.

The CodeLocation* classes are currently a tangle of templatey and friendly
badness, burried in the middle of AbstractMacroAssembler. Having moved
the ability to repatch out into RepatchBufer they are now do-nothing wrappers
on CodePtr (MacroAssemblerCodePtr), that only exist to provide type-safety.

Having introduced the RepatchBuffer, ProcessorReturnAddress is now a do-nothing
wrapper around ReturnAddressPtr. Remove it. In tugging on this piece of string
it made sense to roll out the use of ReturnAddressPtr a little further into
JITStubs (which had always been the intention).

Move repatching methods into a set of methods on a class. This will allow us to
coallesce memory reprotection calls. Really, we want this class to be called
PatchBuffer, we want the class PatchBuffer to be called LinkBuffer, we want both
to be memblers of MacroAssembler rather then AbstractMacroAssembler, we don't
want the CodeLocationFoo types anymore (they are now only really there to provide
type safety, and that is completely undermined by the way we use offsets). Then
the link & patch buffers should delegate the actual patching calls to the
architecture-specific layer of the MacroAssembler. Landing all these changes as a
sequence of patches.

We are currently generating two copies of the slow path for op_call for no reason. Stop that.

Originally op_call used two slow paths since the first set up the pointer to the CallLinkInfo
for use when linking. However this is now looked up using the return address (as we do for
property accesses) so the two paths are now identical.

Use computeOffsetInContainerNode instead of the inline
offsetInContainerNode to return the caret offset, since the former
can handle all types of anchoring. Otherwise we'll hit an ASSERT
in some situations in debug builds, and crash.

Skip the trampoline detection for versions of Safari < 4.0 as they don't play these
tricks, and having WebKitNightlyEnabler assume that we were in the trampoline was
preventing our LaunchServices trickery from being run. This led to fresh copies of
WebKit.app being launched when a URL or file was opened from an external application
rather than the existing instance being reused.

Rename the CustomGetOwnPropertySlot and CustomPutFunction extended attributes
to DelegatingGetOwnPropertySlot and DelegatingPutFunction to more clearly describe
their functionality (customGetOwnPropertySlot and customPut member functions have
been renamed getOwnPropertySlotDelegate and putDelegate). CustomGetOwnPropertySlot
and CustomPutFunction have been repurposed to mean a complete custom implementation
of the function which is inline with other extended attributes prefixed with Custom.

editing/TextIterator.cpp:
(WebCore::BitStack::BitStack): Added.
(WebCore::BitStack::push): Added.
(WebCore::BitStack::pop): Added.
(WebCore::BitStack::top): Added.
(WebCore::BitStack::size): Added.
(WebCore::parentOrShadowParent): Added. Helper function for walking up
the parent node chain, crossing shadow tree boundaries.
(WebCore::depthCrossingShadowBoundaries): Added for use in assertions.
Counts the depth of a node using the parentOrShadowParent function.
(WebCore::fullyClipsContents): Added. Returns true for an element that
fully clips its contents, currently defined as a box that has zero width
or height and hides overflow. We can add other cases here later.
(WebCore::ignoresContainerClip): Added. Returns true for an element that
ignores its container clip, currently defined as an element with absolute
or fixed positioning.
(WebCore::pushFullyClippedState): Added. Pushes a bit on the stack indicating
if the node in question fully clips its contents.
(WebCore::setUpFullyClippedStack): Added. Pushes a bit for each ancestor of
a node. Used when creating an iterator.
(WebCore::TextIterator::TextIterator): Removed code to initialize
m_inShadowContent. Call setUpFullyClippedStack.
(WebCore::TextIterator::advance): Use parentOrShadowParent. Call pop when moving
up to a parent node, and also one extra time when moving to a sibling node.
Call pushFullyClippedState when moving to a child node, or when moving to a
sibling node after the aforementioned call to pop.
(WebCore::TextIterator::handleTextNode): Return early if the node is fully clipped.
(WebCore::TextIterator::handleReplacedElement): Ditto.
(WebCore::SimplifiedBackwardsTextIterator::SimplifiedBackwardsTextIterator):
Call setUpFullyClippedStack.
(WebCore::SimplifiedBackwardsTextIterator::advance): Same changes as
TextIterator::advance above.

Back out Simon's fix and replace it with a better one that doesn't needlessly destroy RenderObjects.
Use NoInherit rather than Detach for child index changes, and don't worry about other pseudo-class state
changes, since they were handled already with setNeedsStyleRecalcs on the affected objects themselves.

Move all of the mutable member variables from Font into the refcounted FontFallbackList. This makes
copying of Fonts more efficient and also effectively makes all of the mutations of a Font object happen
inside the FontFallbackList.

Fix an issue noted on quirksmode.com where dynamically adding siblings does not
update :nth-child style correctly.

Test: fast/css/nth-child-dynamic.html

dom/Node.h:
Change diff() to take const RenderStyle*

dom/Node.cpp:
(WebCore::Node::diff):
When comparing styles to decide whether to detach and reattach, we
need to look at whether the pseudoclass-related data in the style
changed (since RenderStyle::diff doesn't check this).